The data stored in the computer in any organization is very important and hence it is essential to protect the data. In this module, we will see more about importance of Data Security because any organizations cannot afford to lose the data at any cost. In some cases, the data can be deleted or destroyed accidentally or intentionally.
At times, data is important that the Software and the Hardware. In case of the loss of the Software or the Hardware, both can be replaced,but the loss of data cannot be replaced.
There are three types of data breach:
- Physical
- Electronic
- Skimming
A Physical breach involves the physical theft of the documents or equipment that contain the account data, such as card holder receipts, files, PCs, point-of-sale. Now let us think on what can we do to prevent the physical breach:
Keep a track of inventory that may include laptops, servers, computers, any other technology that may contain cardholder data, such as point-of-sale equipment or any other physical asset that may contain cardholder data.
Secure your technology in the terms of lock the desktop to the desks. Institute a policy that will lock the device at the end of the business day. You should ensure the computer/server data center is in the locked room.
Educate Employees and Enforce security policies.
Restrict and monitor the physical access to the point where technology is stored.
Maintain the visitors log.
On the other hand, Electronic Breach, refers to the point where you spot the unauthorized access to the system or network environment. A Packet Sniffer intercepts and logs traffic passing over a digital network or a part of it. Unfortunately, this tool is often used by the fraudster to collect card data in transit in the merchant’s network.
Another type of electronic breach could be through the Structured Query Language(SQL) Injection. It can further acquire information like PIN updates, monetary additions, etc. by tricks.
Following are the few steps that can be taken to prevent Electronic Breach:
Centralized Logging
Daily review of Logs
Protection of logs from the unauthorized access.
Keep a history of logs
Establish standard company procedures.
Skimming is another process that involves the capture and recording of card magnetic stripe data using an external device which is sometimes installed on a merchant’s Point of Sale System (POS). The ways in which you can minimize the potential for Skimming is :
Closely monitor the handling of cards when employees have frequent physical possession of cards.
Monitor the activity on the Point-of-Sale device and PIN pad device.
Ensure that the point where you are using your card is not vulnerable.
Regularly check the equipment for the attached skimming device.
DATA SECURITY
Storing data on the internet can be done through cloud storage. It gives flexibility of storage and can be accessed through any device that has data connectivity. The Storage Area Networks are the attached devices and are used for data recovery. It is important yet difficult to handle the big data. To implement the same with the Security Incidence Events Manager can put the data of utter importance on the security interface.
DATA ENCRYPTION is the process in which data is translated from one form to another. The encrypted data are called as ciphertext. at present, encryption is the most common method to employ data security. There are two main types of encryption a) asymmetric encryption also called public key encryption and b) symmetric encryption.
DATA POLICIES will dictate that if the media is to be shared, the data on the drive should be removed or wiped. This is called sanitization that prevent unauthorized disclosure. The policies should dictate how we dispose all this media that is should they be physically destroyed or passed to the device where they can be saved with restricted access.
At times, we can have storage of the data at the off site location. Hence, we need the data retention policy that will look at how long the data have to be stored. We have to give consideration for the encryption of the data in transit, Data at Rest, and Data in Use. The organization need to have secure mechanization so that nobody can eavesdrop on the stored data. We can employ security protocol like SSL and SHL which will guarantee confidentiality and integrity.The Permissions and Access Control Lists will contain what resources can be accessed by the data. The users should have proper encryption keys to have complete access.